kubernetes

infra

kubernetes

Fork 0

Commit Graph

Author	SHA1	Message	Date
Dustin	a26857819a	step-ca: Add Ingress resource It turns out, `step ca renew` _can_ renew certificates without mTLS; it has a `--mtls=false` command-line argument that configures it to use a JWT signed by the certificate, instead of using the certificate at the transport layer. This allows clients to renew their certificates without needing another authentication mechanism, even with the TLS-terminating proxy.	2024-07-27 13:07:26 -05:00

Author

SHA1

Message

Date

Dustin

a26857819a

step-ca: Add Ingress resource

It turns out, `step ca renew` _can_ renew certificates without mTLS; it
has a `--mtls=false` command-line argument that configures it to use
a JWT signed by the certificate, instead of using the certificate at
the transport layer.  This allows clients to renew their certificates
without needing another authentication mechanism, even with the
TLS-terminating proxy.

2024-07-27 13:07:26 -05:00

1 Commits (812b09626f238434cc36d3959f130054da993ec8)